The advent of the Internet provides Internet users with a worldwide web of information at the click of a button. Accordingly, various businesses have responded to the incredible reach provided by the Internet to enable commerce via channels provided by the Internet. As such, the Internet has become a key mechanism for business to consumer (B2C) and business to business (B2B) commerce. Moreover, many entertainment providers have been quick to utilize the Internet as an additional venue for presenting their entertainment content to users.
Unfortunately, many users of the Internet have experienced substantial delays when engaging in Internet commerce (e-commerce) or receiving entertainment content via the Internet. The delays incurred by most users are due to an inability of the Internet to provide sufficient bandwidth to support the growing number of users which join the Internet on a daily basis. However, improvements in technology are greatly expanding the bandwidth provided by the Internet. In addition, traditional means for receiving or connecting to the Internet, such as modems, are being replaced by T-1 carrier digital lines (T1-lines), cable set-top boxes, DSL (digital subscriber line) or the like, which can provide both content and commerce over the Internet without many of the delays incurred via traditional modems.
In other words, as the bandwidth provided by the Internet grows, and the traditional means for connecting to the Internet extends, the Internet potentially presents a medium for providing both commerce, as well as entertainment content to virtually any person around the world with a simple mouse click of their computer. Unfortunately, as our society gradually moves toward an Internet-based society, devices such as web Internet hosts that are accessed via the Internet for B2C and B2B commerce, as well as entertainment content purposes, become mission critical elements of daily business functions.
With the emergence of distributed denial of service (DDoS), it can become apparent that the open, distributed nature of the Internet can be used for malicious purposes. DDoS attacks can easily bring down a Internet host or router, making the mission critical services experience significant outages. As known to those skilled in the art, DDoS attacks typically consist of a number of hosts sending some sort of attack traffic to a single target Internet host. DDoS attacks typically are no different in content from regular denial of service (DoS) attacks, other than the fact that they are scaled to a much larger degree.
Defense against DoS attacks typically consist of temporary installation of one or more filters to drop traffic from as many attackers as possible. Current mechanisms for such installation require the installation of filters which typically involve human contact between the owner of the attacked Internet host and the administrator(s) of the network delivering the traffic to the Internet host. This communication consists of specifying the information about the traffic, followed by a manual installation of filters in the network to drop such traffic prior to it reaching the Internet host.
Unfortunately, the problem caused by DDoS attacks is exacerbated by the vast scale, which must be responded to, during such an attack. While a manual response may be sufficient, albeit slow for a regular DoS attack originating at a single source, a manual response may fail to prevent a DDoS attack. The failure of a manual response results from the sheer number of attackers in a DDoS attack, which will overwhelm the response capabilities of a system that includes a human element in the action-response loop. Therefore, there remains a need to overcome one or more of the limitations in the above-described, existing art.